1. Technical Field
This disclosure relates generally to improving resource usage on a computer system, and, in some embodiments, to classifying processes and taking corrective actions in response thereto.
2. Description of the Related Art
Computer systems typically have numerous processes that share system resources (one or more processors, memory space, network bandwidth, etc.). A potential problem with having multiple processes is that they may be inefficient in sharing system resources. In many instances, processes are completely unnecessary to system operation, yet contend with high-value processes for limited system resources.
Developers of software that corresponds to these processes generally have little motivation to address this issue, because they are more often concerned with providing a maximal feature set to users. These processes typically consume a large amount of resources, without regard for the needs of other processes on the system. This disregard often results in a “tragedy of the commons,” in which processes are ultimately starved or severely impaired. Operating system designers also have not addressed this issue. While most operating systems provide a mechanism for analyzing resource usage, they usually do not attempt to favor particular processes over other processes, providing an impartial “best efforts” paradigm to all processes.
The problem of resource usage is further magnified as the size of the computing environment increases. Consider an environment that includes many thousands of computer systems (such as an enterprise environment). At a given time in such an environment, millions of processes may be running, all of which are competing for limited resources. The execution of these processes may correspond to a significant investment in cost and resources on the part of the enterprise. Power consumption is but one example of a cost/resource.
To address the issue of resource consumption, information technology (IT) departments commonly inventory software (e.g., for compliance reasons in enterprise environments). Additionally, IT departments commonly deploy security software programs to identify malicious software running in the enterprise environment. Still further, a given desktop (i.e., client machine) might be manually reconfigured/optimized by an IT department employee. These approaches have certain limitations, however. For example, these approaches do not enable entities to gain insight into (and informed control over) what non-malicious or benign processes are running on end-user systems at a given time. (Non-malicious processes include those processes not flagged or classified by security software as harmful and those processes not intended to harm a computer system; examples of malicious processes include viruses, worms, keyloggers, adware, etc.) Because the vast majority of processes in an enterprise are benign, this lack of insight is a huge blind spot that creates cost inefficiencies and security problems, and prevents entities from being able to appropriately prioritize and direct their computing resources.